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DETAILED ACTION 

This office action lias been issued in response to tine received Request for Continued 
Examination filed January 17, 2009, and Amendments to tine Claims, and Remarks 
previously filed December 10, 2008. Claims 1-14, and 17-22 are pending, in which 
claims 1,13, and 17 are in independent form. 
Status of Claims: 

Claims 1-14 and 17-22 are rejected under 35 U.S.C. 102(b). 

Response to Amendment 

Applicant's December 10, 2008 amendments to the Claims have been received 
and entered, in which claims 1,13, and 17 are amended. 

Response to Arguments 

Applicant's arguments filed December 10, 2008 have been fully considered and 
are not persuasive as they relate to 35 U.S.C. 102. Applicant's argument regarding the 
amended claims related to the recording and storing of the encrypted messages for 
later review is specifically addressed. Accordingly, the 35 U.S.C. 102(b) rejections to 
the pending claims remain and are shown below. 

Claim Rejections - 35 USC § 102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 
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A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

2. Claims 1-14 and 17-22 rejected under 35 U.S.C. 102(b) as being anticipated by 
Van Oorshot et al U.S. Patent Number 6,229,894; Date of Patent: May 8, 2001 
hereinafter Van Oorshot. 

As to claim 1, the following is taught: "a method for monitoring (Van Oorshot: 
column 2, lines 4-10 indicate the needs of the law enforcement agencies in the 
monitoring of communications) of communications traffic, comprising: recording packet- 
data communication traffic received from, and passing through, a network switch; 

encrypting the packet-data communication traffic after the packet-data 
communication traffic has passed through the network switch to create encrypted data 
(Van Oorshot: column 5, lines 56-65 - also see encrypted transmission (ciphertext) 54 
in Figure 2 which includes the signature of sending end-user 56, the encrypted file or 
message 58, and the wrapped session key 52; and 

storing the encrypted data (Van Oorshot: Figure 1 , and its description starting in 
column 3, line 15 discloses the receiving, encrypting, recording, and storing of 
communications data as well as a decryption key required for its decoding) such that 
the encrypted data can be decrypted only by means of decryption keys that exhibit 
restricted availability (Van Oorshot: column 4 line 59 to column 5, line 5)." 
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As to claim 2, tlie following is taught: "the method as claimed in claim 1 further 
including employment of a spare disk and/or CPU capacity within a telecommunications 
system (Van Oorshot: column 7, lines 17-30)." 

As to claim 3, the following is taught: "the method as claimed in claim 1 further 
including the step of including encrypted search conditions within the decryption keys 
that are made selectively available (Van Oorshot: column 7, lines 43-61)." 

As to claim 4, the following is taught: "the method as claimed in claim 1 , further 
including the step of employing separate levels of authorization for access to the stored 
data (Van Oorshot: column 3, lines 1-8; column 7, lines 31-42)." 

As to claim 5, the following is taught: "the method as claimed in claim 1 , further 
including the step of employing a decryption key that is useable only once (Van 
Oorshot: column 7, line 55-57; column 8, lines 21-39, and lines 45-51)." 

As to claim 6, the following is taught: "the method as claimed in claim 1 , further 
including the step of logging (Van Oorshot: Abstract, column 1 , lines 60-67 discloses 
identity authentication of requestor) all accesses to the stored data to an encrypted 
secure audit trail (Van Oorshot: column 3, line 57 to column 4, line 5; column 5, lines 
56-65)." 
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As to claim 7, the following is taught: "the method as claimed in claim 1, further 
including a tamper detection reference within the encrypted data (Van Oorshot: column 
4, lines 23-67)." 

As to claim 8, the following is taught: "the method as claimed in claim 1 , further 
including the step of monitoring all the available communications traffic (Van Oorshot: 
column 2, lines 4-14, disclose the problem for law enforcement agencies to obtain wire- 
tap information; column 10, lines 43-52 disclose the legal capability of law enforcement 
agencies to monitor and record unlimited information for its lawful and potential future 
scrutiny)." 

As to claim 9, the following is taught: "the method as claimed in claim 8, wherein 
the step of storing the recorded traffic comprises the step of recording all of the 
recorded traffic (Van Oorshot: column 2, lines 4-14, disclose the problem for law 
enforcement agencies to obtain wire-tap information; column 10, lines 43-52 disclose 
the legal capability of law enforcement agencies to monitor and record unlimited 
information for its lawful and potential future scrutiny)." 

As to claim 10, the following is taught: "the method as claimed in claim 1 , wherein 
the communications traffic to be recorded comprises traffic through a 
telecommunications switch, router or gateway (Van Oorshot: column 3, lines 15-32; 
column 3, lines 16-39)." 
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As to claim 11 , the following is taught: "the method as claimed in claim 1 , further 
including the step of encrypting details relating to the communications traffic and storing 
the said encrypted details for subsequent access (Van Oorshot: Figure 2, and column 
5, line 28 to column 8, line 6)." 

As to claim 12, the following is taught: "the method as claimed in claim 1 , further 
including the step of authorizing use of the required decryption key in a restricted 
manner (Van Oorshot: Figure 3, and column 8, lines 7-59)." 

As to claim 13, the following is taught: "a system for monitoring of 
communications traffic, comprising: 

"a recorder that records the communications traffic, the communications traffic 
being received by the recorder from a network switch; 

an encryption engine that encrypts the communications traffic after the 
communications traffic has passed through the network switch (Van Oorshot: column 5, 
lines 56-65 - also see encrypted transmission (ciphertext) 54 in Figure 2 which includes 
the signature of sending end-user 56, the encrypted file or message 58, and the 
wrapped session key 52; also see server 16, processing device 90, memory 92 of 
Figure 2, and column 7, lines 17-27), and" 

"a storage device that stores recorded communications traffic as encrypted data, 
such that the encrypted data can be decrypted only by means of keys that exhibit 
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restricted availability (Van Oorshot: see secure storage of users' decryption private 
keys of server 16 in Figure 2, and column 7, lines 27-30; and directory 68 (a database) 
of Figure 2, and column 6, lines 50-54)." 

As to claim 14, the following is taught: "the system as claimed in claim 13 further 
including application software and executes the method steps of any one or more of 
claims 2-12 (See Van Oorshot's teachings above with regards to claim 13, and 
specifically with regards to claims 2-12)" 

As to claim 15: (cancelled). 

As to claim 16: (cancelled). 

As to claim 17, the following is taught: "a method for monitoring of 
communications traffic, comprising the steps of:" 

"receiving communications traffic from a network switch; encrypting the 
communications traffic after the packet-data communication traffic has passed through 
the network switch (Van Oorshot: column 5, lines 56-65 - also see encrypted 
transmission (ciphertext) 54 in Figure 2 which includes the signature of sending end- 
user 56, the encrypted file or message 58, and the wrapped session key 52) to generate 
encrypted communications traffic data (Van Oorshot: Figure 1, and its description 
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starting in column 3, line 15 discloses the receiving, encrypting, recording, and storing 
of communications data as well as a decryption key required for Its decoding);" 

"recording the encrypted communications traffic data (Van Oorshot: see server 
16, processing device 90, memory 92 of Figure 2, and column 7, lines 17-27);" 

"storing the recorded encrypted communications traffic data such that the 
encrypted communications traffic data can be decrypted by decryption keys that exhibit 
restricted availability, that allow encrypted search conditions and that employ separate 
levels of authorization for access to the stored data (Van Oorshot: see secure storage 
of users' decryption private keys of server 16 In Figure 2, and column 7, lines 27-30; 
and directory 68 (a database) of Figure 2, and column 6, lines 50-54); and" 

"encrypting details relating to the communications traffic and storing the said 
encrypted details for subsequent access (Van Oorshot: see sending end-user 18, and 
end-user encryption certificate of end-user 60, 62, 64 In Figure 2, and column 5, lines 
39-55)." 

As to claim 18, the following Is taught: "the method as claimed In claim 17, further 
including the step of employing a decryption key that Is useable only once (Van 
Oorshot: column 8, lines 21-39)." 

As to claim 19, the following Is taught: "the method as claimed In claim 17, further 
Including the step of logging (Van Oorshot: Abstract, column 1, lines 60-67 discloses 
Identity authentication of requestor) all accesses to the stored data to an encrypted 
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secure audit trail (Van Oorshot: column 3, line 57 to column 4, line 5; column 5, lines 
56-65)." 

As to claim 20, the following is taught: "the method as claimed in claim 17, further 
including a tamper detection reference within the encrypted data (Van Oorshot: column 
4, lines 23-67)." 

As to claim 21 , the following is taught: "the method as claimed in claim 17, further 
including the step of monitoring all the available communications traffic (Van Oorshot: 
column 2, lines 4-14, disclose the problem for law enforcement agencies to obtain wire- 
tap information; column 10, lines 43-52 disclose the legal capability of law enforcement 
agencies to monitor and record unlimited information for its lawful and potential future 
scrutiny)." 

As to claim 22, the following is taught: "the method as claimed in claim 17, 
wherein the step of storing the recorded traffic comprises the step of recording all of the 
recorded traffic (Van Oorshot: column 2, lines 4-14, disclose the problem for law 
enforcement agencies to obtain wire-tap information; column 10, lines 43-52 disclose 
the legal capability of law enforcement agencies to monitor and record unlimited 
information for its lawful and potential future scrutiny)." 
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Conclusion 

3. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure, specifically regarding the recording and storing of encrypted 
messages for later review. Bentley et al, (U.S. Patent Number 5,914,951 ); Cox et al, 
(U.S. Publication 2001/0043697); Eilbacher etal (U.S. Patent Number 6,724,887); and 
Eilbacher et al, (U.S. Patent 6,959,078). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Stephen Sanders whose telephone number is 
571-270-5308. The examiner can normally be reached on M - F; 7:30a.m. - 5:00p.m.. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on 571-272-381 1 . The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Stephen Sanders/ 
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Supervisory Patent Examiner, Art Unit 2434 



